Upload
anantmaheshwari
View
217
Download
0
Embed Size (px)
Citation preview
8/9/2019 Wimax Security System Arch.
1/25
SEMINARON
IEEE 802.16(WI MAX) WIRELESS
SECURITYSUBMITTED BY
ANANT MAHESHWARI(EC/06/107)IV YR. ECE
SEMINAR CO-ORDINATOR
Mr. Vijay AgarwalMr. Deepak Balana
8/9/2019 Wimax Security System Arch.
2/25
CONTANT
Wireless system
IEEE 802.16
Working of WiMAX
WiMAX over other Technologies
IEEE 802.16 Security Architecture IEEE 802.16 Security Process
8/9/2019 Wimax Security System Arch.
3/25
Wireless system
Transfer information without electric conductors
,wires.
Cover few or long distances.
Advantages- mobility, easier & less expensiveinstallation, increase reliability, disaster recovery.
8/9/2019 Wimax Security System Arch.
4/25
Uses
Satellite communication
Telecommunication
Education Business
Medical purpose
Military, etc.
8/9/2019 Wimax Security System Arch.
5/25
IEEE 802.16
Also known as Wi Max (WorldWide
Interoperability For Microwave Access).
Its range is in km. as compare to Wi Fi
(meters).
Operate at 10-66 GHz & tuned at 2-11 GHzfor BWA (broadband wireless access).
Provides 70Mbps over up to 50 Km.
8/9/2019 Wimax Security System Arch.
6/25
Cont.
Support LOS & NLOS.
Provide broadband access to internet efficiently.
Uses point-multipoint link (consists of basetransceiver station ,a central antenna whichcommunicates with subscribers antennas).
Categories-fixed, mobile WiMAX
major goal is to minimize the packet loss anddelay .
8/9/2019 Wimax Security System Arch.
7/25
HOW WIMAX WORKS ??
8/9/2019 Wimax Security System Arch.
8/25
Types of WiMAX
Point to Point (PTP)
Point to multipoint (PTMP)
WiMAX can also be setup as mesh networksallowing the WiMAX systems to forward
packets between the base stations and
subscribers without having to install comm.lines between the base stations .
8/9/2019 Wimax Security System Arch.
9/25
8/9/2019 Wimax Security System Arch.
10/25
WiMAX over other Technologies
3G Wi- Fi
802.11
WiMAX
802.16
MOBILE- Fi
802.20
Max speed 2Mbps 54Mbps 100Mbps 16Mbps
Coverage Severalmiles
300 feet 50 miles Several miles
Airwaves Licensed Unlicensed Either Licensed
Advantage Range ,
mobility
Speed, price Range, SpeedMobility,Speed
Disadvt. Slow,
expensive
Short range Interference
issues ?
High price
8/9/2019 Wimax Security System Arch.
11/25
IEEE 802.16 Security Architecture
8/9/2019 Wimax Security System Arch.
12/25
802.16 MAC Protocol Stack
8/9/2019 Wimax Security System Arch.
13/25
MAC CS Sub-layer
CS Layer:
Receives data from
higher layers
Classifies the packet
Forwards frames to CPSlayer
8/9/2019 Wimax Security System Arch.
14/25
MAC CPS Sub-layer
Performs typical MAC functions suchas addressing
Each SS assigned 48-bit MAC
address
Connection Identifiers used asprimary address after initialization
8/9/2019 Wimax Security System Arch.
15/25
Cont..
MAC policy determined by direction of
transmission
Uplink is DAMA-TDM
Downlink is TDM
Data encapsulated in a common format facilitating
interoperability Fragment or pack frames as needed
Changes transparent to receiver
8/9/2019 Wimax Security System Arch.
16/25
MAC Privacy Sub-layer Provides secure
communication
Data encrypted with
cipher clock chainingmode of DES
Prevents theft of service
SSs authenticated by BS
using key managementprotocol
8/9/2019 Wimax Security System Arch.
17/25
IEEE 802.16 Security
Architecture
8/9/2019 Wimax Security System Arch.
18/25
IEEE 802.16 Security Process
8/9/2019 Wimax Security System Arch.
19/25
Authentication
8/9/2019 Wimax Security System Arch.
20/25
Data Key Exchange
Data encryption requires data key called TransportEncryption key (TEK).
TEK is generated by BS randomly TEK is encrypted with
Triple-DES (use 128 bits KEK)
RSA (use SSs public key)
AES (use 128 bits KEK)
Key Exchange message is authenticated by HMAC-SHA1 (provides Message Integrity and AK confirmation)
8/9/2019 Wimax Security System Arch.
21/25
Data Encryption
8/9/2019 Wimax Security System Arch.
22/25
Data Encryption
Encrypt only data message not management
message
DES in CBC Mode
56 bit DES key (TEK)
No Message Integrity Detection
No Replay Protection
8/9/2019 Wimax Security System Arch.
23/25
Conclusion
It need the bidirectional authorization
Require more flexible authentication method EAP Authentication
Improve Key derivation
Include the system identity (i.e., SSID)
Key freshness include random number from both SSand BS
Prefer AES to DES for data encryption
8/9/2019 Wimax Security System Arch.
24/25
8/9/2019 Wimax Security System Arch.
25/25